-
Notifications
You must be signed in to change notification settings - Fork 57
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(ids-api): Default scopes for clients #16476
base: main
Are you sure you want to change the base?
Changes from 4 commits
a4df4d0
17df3b8
8e3a9d0
a2ea02c
6431c0b
1c78899
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
'use strict'; | ||
|
||
module.exports = { | ||
async up (queryInterface, Sequelize) { | ||
const clients = await queryInterface.sequelize.query(`SELECT "client_id" FROM "client" WHERE "client_type" IN ('web', 'native', 'spa');`, { type: queryInterface.sequelize.QueryTypes.SELECT }); | ||
const clientIds = clients.map(client => client.client_id); | ||
|
||
if (!clientIds.length) { | ||
return; | ||
} | ||
|
||
const existingScopes = await queryInterface.sequelize.query( `SELECT "client_id", "scope_name" FROM "client_allowed_scope" WHERE "client_id" IN (:clientIds);`, | ||
{ type: queryInterface.sequelize.QueryTypes.SELECT, replacements: { clientIds } }); | ||
|
||
const existingScopesLookup = new Set( | ||
existingScopes.map(scope => `${scope.client_id}-${scope.scope_name}`) | ||
); | ||
|
||
const rows = []; | ||
const defaultScopes = ['email', 'address', 'phone'] | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🛠️ Refactor suggestion Consider extracting default scopes to a constant For better maintainability and potential reuse, consider extracting the default scopes array to a constant at the module level. Apply this change at the top of the file: const DEFAULT_SCOPES = ['email', 'address', 'phone'];
module.exports = {
async up(queryInterface, Sequelize) {
// ... existing code ...
// Replace line 28 with:
const defaultScopes = DEFAULT_SCOPES;
// ... rest of the code ...
},
// ... down method ...
}; This change improves code readability and makes it easier to update default scopes in the future if needed. |
||
|
||
for (const clientId of clientIds) { | ||
rows.push(...defaultScopes.filter((scope => { | ||
return !existingScopesLookup.has(`${clientId}-${scope}`); | ||
})).map(scope => ({ client_id: clientId, scope_name: scope }))); | ||
} | ||
|
||
if (!rows.length) { | ||
return; | ||
} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🛠️ Refactor suggestion Consider extracting default scopes to a constant The default scopes array is defined within the method. For better maintainability and potential reuse, consider extracting it to a constant at the module level. Apply this change at the top of the file: const DEFAULT_SCOPES = ['email', 'address', 'phone'];
module.exports = {
async up(queryInterface, Sequelize) {
// ... existing code ...
// Replace line 20 with:
// const defaultScopes = DEFAULT_SCOPES;
// ... rest of the code ...
},
// ... down method ...
}; This change improves code readability and makes it easier to update default scopes in the future if needed. |
||
|
||
await queryInterface.bulkInsert('client_allowed_scope', rows); | ||
}, | ||
|
||
async down (queryInterface, Sequelize) { | ||
/** | ||
* There is no need to go back | ||
* | ||
*/ | ||
} | ||
}; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🛠️ Refactor suggestion
Consider using parameterized query for better security
While the current query is not directly vulnerable to SQL injection (as it doesn't use user input), it's a good practice to use parameterized queries consistently. Consider refactoring to use query parameters.
Here's a suggested refactoring:
This approach is more secure and consistent with best practices for database queries.